ClawHub

Reflectt

v0.1.0

Manage Reflectt teams by pulling tasks, reading inbox, updating presence, posting chat messages, and shipping updates via reflectt-node and reflectt-cloud APIs.

0· 166·0 current·0 all-time
by@ryancampbell
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the SKILL.md: all documented operations (tasks, inbox, presence, chat, shipping) are performed via local reflectt-node/cloud HTTP endpoints on 127.0.0.1:4445, which is consistent with a team-coordination skill.
Instruction Scope
Instructions only show curl calls to localhost endpoints and high-level working rules; they do not instruct reading arbitrary files or unrelated env vars. Note: the skill assumes access to a local HTTP API — if that endpoint is misconfigured or points at a different local service, the agent could interact with that service.
Install Mechanism
No install spec or code is present (instruction-only), so nothing is written to disk or downloaded during install.
Credentials
No environment variables or credentials are requested, which is consistent if the local API is unauthenticated or the runtime supplies auth. If your Reflectt deployment requires tokens or secrets, this skill does not declare them — you should verify how auth is handled before use.
Persistence & Privilege
Skill is not always-enabled and does not request elevated platform persistence. It is user-invocable and allows normal autonomous invocation, which is the platform default.
Assessment
This skill is an instruction-only helper for interacting with a local Reflectt API and appears internally consistent. Before installing: (1) confirm you actually run a Reflectt service on 127.0.0.1:4445 (or adjust the endpoint); (2) verify whether that local API requires authentication — if so, check how credentials are provided and avoid exposing secrets to the skill unless necessary; (3) be aware that the agent will be permitted to make network calls to localhost, so ensure no other sensitive services are listening on the configured port; (4) if you do not run Reflectt locally, do not enable this skill on agents with network access you don't trust.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fap4vzmn3mpexakpdz6r36s82snjh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments